1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
[]
= "bvisor"
= "0.9.0"
= "2021"
= "1.92"
= "MIT OR Apache-2.0"
= "Sync-first boundary supervisor: platform-agnostic boundary contract (types + fail-closed planner) with real Linux (landlock/seccomp/cgroups) and Wasm (wasmi/WASI) confinement backends. ZERO OS code, ZERO BatPak writes in the Backend trait."
[]
= "src/lib.rs"
# The single-threaded Linux confinement LAUNCHER (kernel plan §10.8) — a separate
# `[[bin]]` in the bvisor package, NOT a crate. Meaningful only on Linux: `main.rs`
# gates the real impl behind `cfg(target_os = "linux")` and provides a non-Linux
# stub so the bin compiles cross-platform. Requires `backend-linux` (the protocol
# types + libc basement live behind that feature).
[[]]
= "bvisor-linux-launcher"
= "launcher/linux/main.rs"
= ["backend-linux"]
[]
= []
# The SimBackend monster + the harness-owned GroundTruth shadow + the
# reconciliation matrix live behind this feature, mirroring batpak's
# `store/sim` convention (`crates/core/Cargo.toml`). Without it the whole
# `sim/` module is compiled out and the crate stays the pure contract + Inert.
# Pulls in batpak's matching gate so the sim path reuses core's canonical
# deterministic `SimClock` (`batpak::store::SimClock`) instead of carrying a
# duplicate `Clock` impl.
= ["batpak/dangerous-test-hooks"]
# The QF_BV solver harness (kernel plan §4): an EXTERNAL, PINNED, CLOUD-ONLY SMT
# tool that discharges the admission-circuit equivalence proof. Gated so the solver
# never runs on the local potato — CI runs `cargo test --features qf-bv` with pinned
# z3/cvc5 (BVISOR_Z3 / BVISOR_CVC5). The pure SMT GENERATOR is always compiled and
# unit-tested locally; only the solver-invoking harness is behind this feature.
= []
# Host wiring (kernel plan §11): mount the boundary contract as ONE hostbat
# `HostModule` over a `syncbat::Core`. Off by default — the pure `contract/` is
# the crate's identity; `host` adds the syncbat handlers + the hostbat module so
# bvisor never grows its own host architecture (there is NO `bvisor-host` crate).
= ["dep:syncbat", "dep:hostbat"]
# Per-platform OS boundary backends (kernel plan §10 / SCOPE backend-ladder).
# OFF by default — the pure contract + Inert is the crate's identity. Each gates
# the OS-touching backend STRUCT + unsafe basement; the honest `support_matrix()`
# data is ALWAYS compiled regardless of feature, so the per-platform honesty
# tables stay cross-platform testable. Real OS deps land per build-ladder step in
# the matching `[target.'cfg(target_os="..")'.dependencies]` table below.
#
# CARGO PATTERN (compiles cleanly BOTH on Linux and non-Linux):
# `backend-linux` activates `dep:libc` + `dep:landlock`, which live in the
# `[target.'cfg(target_os = "linux")'.dependencies]` table below as
# `optional = true`. The `dep:` syntax suppresses the implicit feature, so the
# deps appear ONLY when the feature is on AND the host is Linux:
# - Non-Linux build (any feature set): the target table is not resolved, so
# libc/landlock are never fetched — no error, no unused-dep warning.
# - Linux WITHOUT `backend-linux`: the optional deps stay inactive (the
# `backend_impl`/`sys` modules are cfg-gated off) — no unused-dep warning.
# - Linux WITH `backend-linux`: both deps activate and the real LinuxBackend
# (probe ABI / landlock confinement / pre_exec basement) compiles.
= ["dep:libc", "dep:landlock", "dep:seccompiler"]
= ["dep:wasmi", "dep:wasmi_wasi"]
= []
= []
[]
# batpak by path for the EventPayload derive + inventory registration and the
# canonical encoding / blake3 hash helpers reused for report sealing. The `blake3`
# default feature backs `event::hash::compute_hash`, which seals report bodies.
# The contract itself stays OS-free and writes no BatPak.
= { = "../core", = "0.9.0" }
= { = "1", = ["derive"] }
# Named in report/plan seal signatures: batpak's canonical encoder returns
# `rmp_serde::encode::Error`, mirrored here exactly as core's *ReportBody does.
# Pinned to the same line core pins so the canonical bytes stay byte-identical.
= "=1.3.1"
# Host wiring (the `host` feature). The runtime layer bvisor mounts into and the
# generic module host that composes it; both optional so the default build stays
# the pure, OS-free, host-free contract.
= { = "../syncbat", = "0.9.0", = true }
= { = "../hostbat", = "0.9.0", = true }
# Wasm backend runtime. Host-OS-independent, so this lives in the plain dependency
# table rather than a target table.
= { = "=1.1.0", = false, = ["std"], = true }
= { = "=1.1.0", = true }
[]
# The `host` end-to-end proof opens a real batpak Store in a tempdir to witness
# the PERSIST leg (request → admit → execute → seal → persist).
= ">=3.24, <3.25"
# Test fixtures are tiny WAT guests compiled in tests; no wasm32 toolchain needed.
= "=1.252.0"
# ── Per-platform backend deps (cfg-gated so a Linux build never resolves the
# Windows/macOS crates). EMPTY in scaffolding (step a) — the real `optional=true`
# deps land per build-ladder step:
# Linux (step b): libc, landlock, seccompiler — gated `backend-linux`
# Windows (step d): windows-sys — gated `backend-windows`
# macOS (step e): libc (Seatbelt extern) — gated `backend-macos`
# Wasm (step c) deps are host-OS-independent, so they live in
# the plain `[dependencies]` behind `backend-wasm`, not in a target table.
[]
# Step (b) — REAL filesystem confinement. Both `optional = true` + activated by
# the `backend-linux` feature via `dep:` (see the feature comment above), so a
# default Linux build never resolves them and a non-Linux build never sees this
# target table at all.
# libc — the raw landlock-ABI probe syscall + the `pre_exec` basement that
# applies the ruleset in the child before exec (`linux/sys.rs`).
# landlock — the safe ABI-floor + ruleset builder used from the basement to
# restrict FS access to exactly the declared roots.
= { = "0.2", = true }
= { = "0.4.5", = true }
# seccompiler — the D6 seccomp POLICY MODEL → BPF assembler (proof-spine S7). A
# PURE Rust BPF compiler (no async runtime, no executor): the Rust
# `SeccompFilter`/`BpfProgram` API compiles a policy to BPF bytes that
# S10 (not S7) installs via the unsafe `sys.rs` basement. PINNED exact
# so the compiled-BPF digest in the D6 evidence stays reproducible.
= { = "=0.5.0", = true }
[]
[]
[]
= true